Abstract:The global deployment of the phasor measurement units (PMUs) enables real-time monitoring of the power system, which has stimulated considerable research into machine learning-based models for event detection and classification. However, recent studies reveal that machine learning-based methods are vulnerable to adversarial attacks, which can fool the event classifiers by adding small perturbations to the raw PMU data. To mitigate the threats posed by adversarial attacks, research on defense strategies is urgently needed. This paper proposes an effective adversarial purification method based on the diffusion model to counter adversarial attacks on the machine learning-based power system event classifier. The proposed method includes two steps: injecting noise into the PMU data; and utilizing a pre-trained neural network to eliminate the added noise while simultaneously removing perturbations introduced by the adversarial attacks. The proposed adversarial purification method significantly increases the accuracy of the event classifier under adversarial attacks while satisfying the requirements of real-time operations. In addition, the theoretical analysis reveals that the proposed diffusion model-based adversarial purification method decreases the distance between the original and compromised PMU data, which reduces the impacts of adversarial attacks. The empirical results on a large-scale real-world PMU dataset validate the effectiveness and computational efficiency of the proposed adversarial purification method.

What problem does this paper attempt to address?

### Problems Addressed by the Paper The paper aims to address the vulnerability of power system event classifiers when facing adversarial attacks. Specifically, existing machine learning-based power system event classifiers are susceptible to adversarial attacks, which deceive the classifiers by adding small perturbations to the original phasor measurement unit (PMU) data. Such attacks can lead to incorrect predictions by the classifiers, thereby affecting the stability and security of the power system. To tackle this challenge, the paper proposes an effective adversarial purification method based on a diffusion model. This method is implemented in two steps: first, noise is injected into the PMU data, and then a pre-trained neural network is used to eliminate the added noise and the perturbations introduced by the adversarial attacks. This approach not only significantly improves the accuracy of the classifier under adversarial attacks but also meets the requirements for real-time operation. ### Main Contributions 1. **Innovative Adversarial Purification Algorithm**: An adversarial purification algorithm combining the forward and backward processes of the diffusion model is proposed, which can effectively purify attacked PMU data and restore the classifier's correct predictions. 2. **Efficient Real-time Processing**: Implicit diffusion sampling scheduling is adopted, significantly reducing the number of iterations in the purification process, lowering computation time, and achieving real-time processing of PMU data. 3. **Theoretical Findings**: It is revealed that the L2 distance between the original data and the attacked data continuously decreases throughout the purification process, explaining the intrinsic mechanism of the adversarial purification algorithm. 4. **Empirical Validation**: The proposed adversarial purification algorithm is validated using a large-scale real-world PMU dataset, showing excellent accuracy and computational efficiency. ### Conclusion The paper effectively addresses the vulnerability of power system event classifiers to adversarial attacks by proposing an adversarial purification method based on a diffusion model. This method not only enhances the robustness and accuracy of the classifiers but also possesses real-time processing capabilities, providing an important guarantee for the stable operation of power systems.

Adversarial Purification for Data-Driven Power System Event Classifiers with Diffusion Models

Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems

Defending Against Adversarial Attacks in Transmission- and Distribution-level PMU Data

Adversarial Attack Mitigation Strategy for Machine Learning-Based Network Attack Detection Model in Power System

Vulnerability and Impact of Machine Learning-Based Inertia Forecasting under Cost-Oriented Data Integrity Attack

Super-efficient detector and defense method for adversarial attacks in power quality classification

Adversarial Attacks and Defense Methods for Power Quality Recognition

Towards Resilient and Secure Smart Grids against PMU Adversarial Attacks: A Deep Learning-Based Robust Data Engineering Approach

Stability Analysis for Power Depth Vision of New Power System Based on Black-Box Adversarial Attack

Cybersecurity Analysis of Data-Driven Power System Stability Assessment

Learning from Time-Synchronized Power System Measurements with Rare Anomalous Event Records to Detect PMU Data Manipulation Attacks

Diffusion-based Adversarial Purification for Intrusion Detection

Black-box attacks and defense for DNN-based power quality classification in smart grid

Adversarial Attacks and Defense for CNN Based Power Quality Recognition in Smart Grid

False-Data-Injection-Enabled Network Parameter Modifications in Power Systems: Attack and Detection

Adversarial Weight Prediction Networks for Defense of Industrial FDC Systems

Defending Against Energy Dispatching Data Integrity Attacks In Smart Grid

Overcoming Stealthy Adversarial Attacks on Power Grid Load Predictions Through Dynamic Data Repair.

Purify++: Improving Diffusion-Purification with Advanced Diffusion Models and Control of Randomness

Adversarially Robust Industrial Anomaly Detection Through Diffusion Model

Is Machine Learning in Power Systems Vulnerable?